although someone seems to propagate that version 1 is insecure in
general it's only an implementation bug. Therer are patches available for various versions of OpenSSH for *BSD, Linux and some oder platforms. Look at http://www.openssh.org for details.